Doug Ludy wrote:
I am new at this, but have been following the discussion of phishing at
the n.p.m.security newsgroup for the past month. I would like to try
the trustbar extension but when I try to download the program from
http://trustbar.mozdev.org I cannot do so because I have JavaScript
blocked. Should I unblock JavaScript in FF or have I reached a spoofed
site?
Doug,
You may want to look into installing this 'must-have' (IMO)
Firefox extension- NoScript v1.0.9. It disallows all Javacript use
unless you give permission for the specific site/page you're on.
https://addons.mozilla.org/extensions/moreinfo.php?id=722
Oh, and I allow all the mozilla.org sites permission, and just by
allowing 'mozilla.org'. More on that from www.NoScript.net:
Site matching-
For each site you can decide to allow the exact address, or the
exact domain, or a parent domain. If you enable a domain
(e.g. mozilla.org), you're implicitely enabling all its subdomains
(e.g. www.mozilla.org, addons.mozilla.org and so on) with every
possible protocol (e.g. http and https). If you enable an address
(protocol://host, e.g. http://www.mozilla.org, you're enabling its
subdirectories-
(http://www.mozilla.org/firefox http://ww.mozilla.org/thunderbird),
but not its domain ancestors nor its siblings, i.e. mozilla.org and
addons.mozilla.org will not be automatically enabled.
By default only the 2nd level, base domain is shown(e.g. mozilla.org)
in the menu, but you can configure appearance to show full domains
and full addresses as well.
___
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security
